Drupal Multimedia
Drupal Multimedia, by Aaron Winborn, Available Now!Popular content
- Built a New Widget! (135,230)
- Erik Gecas's Art Show (80,469)
- Drupal Multimedia Book Announcement at Drupal.org (71,108)
- YouTube Expands API: Good for Embedded Media Field (67,354)
- Map a Video Feed! (66,727)
- Inline Video with jQuery Media! (44,781)
- Drupal will Explode your Site into a Million Pieces, and Why You Want That. (43,381)
- How to Use jQuery Media for Audio & Video (35,245)
- Drupal, WordPress, or Joomla? (A Trick Question) (34,417)
- Cufón, an Alternative to sIFR for Image Replacement (29,111)
- Views Slideshow for Views 2 (28,016)
- Media Code Sprint (January 2009) (26,720)
- Home-Brewed Drupal Media Player in the Works! (23,980)
- Minimalist Drupal Themes (23,348)
- Do YouTube With Drupal (23,226)
- Media Code Sprint (Top 3 Goals) (22,659)
- Embedded Media Field a Media Essential (22,372)
- YouTube API for Drupal on the Way! (21,794)
- googlebd9df72f6c85297e.html (19,809)
- Site Hacked? Read Cracking Drupal! (18,562)
- JavaScript Theming, a Paradigm Shift (16,164)
- How to do the YouTube Video Cycle! (16,029)
- jQuery Media Release (15,720)
- Media Transcriptions Roadmap (15,516)
- Splash Screen for Media Player! (15,500)
User login
Navigation
Drupal Security Team
A Visit from the Drupal Security Police
Thu, 06/04/2009 - 01:52 — aaronCaveat: The following should be read with the understanding that I absolutely respect and admire the job that the volunteers of the Drupal Security Team do! Without their gallant efforts, Drupal wouldn't be the safe framework that it is. And as an aside, all module maintainers, developers, and anyone interested in learning more about how to lock down their site should read Cracking Drupal: A Drop in the Bucket
Last week, I received a visit from the Drupal Security Team, telling me that the Embedded Media Field module contains a XSS vulnerability.
That put the fear of Drupal into me! The next day, I had a spanking new fix for it, and was ready to make a new release. That's when I actually read the instructions about what to do when you've been contacted by the Drupal Security Team...
Recent comments
Syndicate
The final chapter of that section, "Automated Security Testing", explores some currently available modules that should be in the bag of tricks for not only module developers
"Drupal's User and Permissions System", begins the section most exciting to me as a developer, by describing the API and hooks offered by Drupal to help create more secure code.
"Anatomy of Vulnerabilities", offers an extensive overview of the predominate routes of attack that may be taken against a site.
Thanks a lot for article. If you use Rapidshare, you must know Rapidshare Search Engine ( http://filecraft.com ) - Easy Way To Find Files!
what does that have to do with this post?
sarees